
How to report False Positive to us?

This topic is closed.
This is a sticky topic.

  • Hi WillStamps,

    You can put it in the Ignore List from the right-click menu until IObit corrects their database.

    Cheers.
    enoskype

    - Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -



    • Driver Checker (False Positive?)

      Driver Checker 2.7.3
      Seems to work great!
      Downloads 2 drivers per day.
      Your software takes me to a web site that says, it just wants money for the software?

      IObit Security 360

      OS:Windows XP
      Version:1.3.0.10
      Define Version:1282
      Time Elapsed:01:07:46
      Objects Scanned:68462
      Threats Found:71

      |Name|Type|Description|ID|
      Rogue.DriverChecker, Folder, C:\Program Files\Driver Checker, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\DcDriver.dll, 3-2705
      Rogue.DriverChecker, Folder, C:\Program Files\Driver Checker\DcInfo, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\dcUpdate.exe, 3-2705
      Rogue.DriverChecker, Folder, C:\Program Files\Driver Checker\download, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\DriverChecker.exe, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\DriverCheckerhelp.chm, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\driverfiles.dll, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\gdiplus.dll, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\install.log, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\link.dll, 3-2705
      Rogue.DriverChecker, Folder, C:\Program Files\Driver Checker\LiveUpdate, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\ScanResult.ini, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\unins000.exe, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\unins001.dat, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\unins001.exe, 3-2705
      Rogue.DriverChecker, Folder, C:\Program Files\Driver Checker\download\Acer_PG4600_Chipset1_4u For WinXP, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Acer_PG4600_Chipset1_4u For WinXP.zip, 3-2705
      Rogue.DriverChecker, Folder, C:\Program Files\Driver Checker\download\HP_Pavilion_g3238cx_g3237d_Keyboard For WinXP_XP64, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\HP_Pavilion_g3238cx_g3237d_Keyboard For WinXP_XP64.zip, 3-2705
      Rogue.DriverChecker, Folder, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP.zip, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Acer_PG4600_Chipset1_4u For WinXP\ich4usb.cat, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Acer_PG4600_Chipset1_4u For WinXP\ich4usb.inf, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Acer_PG4600_Chipset1_4u For WinXP\Readme.xml, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\HP_Pavilion_g3238cx_g3237d_Keyboard For WinXP_XP64\hpqps2kb.cat, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\HP_Pavilion_g3238cx_g3237d_Keyboard For WinXP_XP64\hpqps2kb.inf, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\HP_Pavilion_g3238cx_g3237d_Keyboard For WinXP_XP64\PS2.sys, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\HP_Pavilion_g3238cx_g3237d_Keyboard For WinXP_XP64\Readme.xml, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP\Alcrmv.exe, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP\Alcxau0.inf, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP\alcxwdm.cat, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP\ALCXWDM.SYS, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP\ALSNDMGR.CPL, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP\ALSNDMGR.WAV, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP\Readme.xml, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP\RtlCPAPI.dll, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP\RTLCPL.EXE, 3-2705
      Rogue.DriverChecker, File, C:\Program Files\Driver Checker\download\Realtek_ALC100_Alcxau0_WDM_406 For Win2K_XP\SOUNDMAN.EXE, 3-2705
      Unwanted.RegistryPC, Folder, C:\Documents and Settings\HP_Owner.YOUR-86339EB2BF\Application Data\RegistryPC, 3-2876
      Unwanted.RegistryPC, Folder, C:\Documents and Settings\HP_Owner.YOUR-86339EB2BF\Application Data\RegistryPC\Logs, 3-2876
      Unwanted.RegistryPC, File, C:\Documents and Settings\HP_Owner.YOUR-86339EB2BF\Application Data\RegistryPC\spy_ignore.db, 3-2876
      Unwanted.RegistryPC, File, C:\Documents and Settings\HP_Owner.YOUR-86339EB2BF\Application Data\RegistryPC\Logs\2009-11-01 02-18-570.log, 3-2876
      Unwanted.RegistryPC, File, C:\WINDOWS\Tasks\RegistryPC Scan.job, 4-18187
      Unwanted.Driver Checker, File, C:\System Volume Information\_restore{02818594-CB0B-43E3-8139-587D9EF98970}\RP315\A0059606.exe, 8-375



      • Do you know about Driver Checker?



        • Hi Ken Sams,

          Please read THIS thread, and you decide what to do.

          Cheers.
          enoskype

          - Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -



          • Thanx :-P

            Keep up the good work!!!



            • Just want to add this.

              It appears by the logfile some of the processes are ok... safe. Some are not... unsafe, so it is risky. By unsafe I mean unknown. The processes haven't been evaluated by users to rate them. I suspect driverchecker changes them just enough (quite frequently)(did you say twice a day or so?) so they remain unknown and can't be evaluated as they change. The processes that actually do work, they don't change, so they are known and rated safe.

              It's possible this could be a platform to hide other intentions.

              I agree with enoskype. You must make your decision after investigating thoroughly. Personally I wouldn't allow this software on my system... there are alternatives out there.

              Good luck to you!




              • Hi all.
                360 seems to be reporting false positives on the Bit Defender 2010 anti-virus suite. Here is the log. I have checked out all the files mentioned and they are genuine Bit Defender files.

                IObit Security 360

                OS:Windows Vista
                Version:1.3.0.10
                Define Version:1283
                Time Elapsed:00:02:56
                Objects Scanned:47256
                Threats Found:5

                |Name|Type|Description|ID|
                Fraudtool.Hijack, Registry Key, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdAgent.exe, 4-22996
                Fraudtool.Hijack, Registry Key, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdwizreg.exe, 4-23004
                Fraudtool.Hijack, Registry Key, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\livesrv.exe, 4-23386
                Fraudtool.Hijack, Registry Key, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\seccenter.exe, 4-23837
                Fraudtool.Hijack, Registry Key, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe, 4-24064



                • False Positive

                  IObit Security 360

                  OS:Windows Vista
                  Version:1.3.0.10
                  Define Version:1284
                  Time Elapsed:00:18:00
                  Objects Scanned:65791
                  Threats Found:1

                  |Name|Type|Description|ID|
                  TrojanAgent, File, C:\Program Files\BitDefender\BitDefender 2009\privscan.dll, 12-116

                  Cheers,

                  Mike



                  • False Positive: wintab32.dll

                    IObit Security 360

                    OS:Windows XP
                    Version:1.3.0.10
                    Define Version:1284
                    Time Elapsed:00:02:52
                    Objects Scanned:47195
                    Threats Found:1

                    |Name|Type|Description|ID|
                    Trojan.Win32/Agent, File, C:\WINDOWS\system32\wintab32.dll, 4-13706

                    Wintab32.dll is a graphics tablet/digitizer driver.
                    Version: 3.20.0.0
                    Description: Wintab Digitizer Services 32-bit Client DLL
                    Company: LCS/Telegraphics
                    File Size: 64.0 KB (65,536 bytes)



                    • Hi mphdavidson and bunnyb0y,

                      Did you upload and check those files in VirusTotal?

                      Please give the VirusTotal report links in this thread.

                      Cheers.
                      enoskype

                      - Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -



                      • Hi,

                        Possible FP:

                        IObit Security 360

                        OS:Windows 7
                        Versão:1.3.0.10
                        Definir Versão:1286
                        Tempo decorrido:00:21:18
                        Objetos verificados:67648
                        Ameaças encontradas:1

                        |Name|Type|Description|ID|
                        Wigon.KM, File, C:\Users\Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\vbhwxe0i.default\extensions\totalrechrome@froilson.com\platform\WINNT\components\dwmxpcom.dll, 11-1388



                        • IObit Security 360

                          OS:Windows XP
                          Version:1.3.0.10
                          Define Version:1289
                          Time Elapsed:00:07:15
                          Objects Scanned:55309
                          Threats Found:2

                          |Name|Type|Description|ID|
                          180 Solutions.nCase, File, C:\WINDOWS\system32\write.exe, 10-612
                          180 Solutions.nCase, File, C:\WINDOWS\system32\dllcache\write.exe, 10-612



                          • Hi Márcio Schmidt and dim74,

                            Did you upload and check those files in VirusTotal?

                            Please give the VirusTotal report links in this thread.

                            Cheers.
                            enoskype

                            - Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -



                            • OK! Ref.: 11-27-2009

                              Arquivo dwmxpcom.dll recebido em 2009.11.19 22:32:36 (UTC)
                              Antivírus Versão Última Atualização Resultado
                              a-squared 4.5.0.41 2009.11.19 -
                              AhnLab-V3 5.0.0.2 2009.11.19 -
                              AntiVir 7.9.1.72 2009.11.19 -
                              Antiy-AVL 2.0.3.7 2009.11.19 -
                              Authentium 5.2.0.5 2009.11.19 -
                              Avast 4.8.1351.0 2009.11.19 -
                              AVG 8.5.0.425 2009.11.19 -
                              BitDefender 7.2 2009.11.19 -
                              CAT-QuickHeal 10.00 2009.11.19 -
                              ClamAV 0.94.1 2009.11.19 -
                              Comodo 2983 2009.11.19 -
                              DrWeb 5.0.0.12182 2009.11.19 -
                              eSafe 7.0.17.0 2009.11.19 -
                              eTrust-Vet 35.1.7131 2009.11.19 -
                              F-Prot 4.5.1.85 2009.11.19 -
                              F-Secure 9.0.15370.0 2009.11.17 -
                              Fortinet 3.120.0.0 2009.11.19 -
                              GData 19 2009.11.19 -
                              Ikarus T3.1.1.74.0 2009.11.19 -
                              Jiangmin 11.0.800 2009.11.19 -
                              K7AntiVirus 7.10.900 2009.11.19 -
                              Kaspersky 7.0.0.125 2009.11.19 -
                              McAfee 5807 2009.11.19 -
                              McAfee+Artemis 5807 2009.11.19 -
                              McAfee-GW-Edition 6.8.5 2009.11.19 -
                              Microsoft 1.5302 2009.11.19 -
                              NOD32 4623 2009.11.19 -
                              Norman 6.03.02 2009.11.19 -
                              nProtect 2009.1.8.0 2009.11.19 -
                              Panda 10.0.2.2 2009.11.19 -
                              PCTools 7.0.3.5 2009.11.19 -
                              Prevx 3.0 2009.11.19 -
                              Rising 22.22.03.09 2009.11.19 -
                              Sophos 4.47.0 2009.11.19 -
                              Sunbelt 3.2.1858.2 2009.11.19 -
                              Symantec 1.4.4.12 2009.11.19 -
                              TheHacker 6.5.0.2.074 2009.11.19 -
                              TrendMicro 9.0.0.1003 2009.11.19 -
                              VBA32 3.12.12.0 2009.11.19 -
                              ViRobot 2009.11.19.2045 2009.11.19 -
                              VirusBuster 5.0.21.0 2009.11.19 -
                              Informações adicionais
                              File size: 53248 bytes
                              MD5   : 8923e7eb1eabd9941925cdfdb6066990
                              SHA1  : 91c4eb2f78fcdcf19f1e0408145f17a12705e447
                              SHA256: b7bef7523df6a7873f3d1a692547e4a72b5faefae17dc41a1d29210ea1266bff
                              TrID  : File type identification
                                      Win32 Executable MS Visual C++ (generic) (65.2%)
                                      Win32 Executable Generic (14.7%)
                                      Win32 Dynamic Link Library (generic) (13.1%)
                                      Generic Win/DOS Executable (3.4%)
                                      DOS Executable Generic (3.4%)
                              ssdeep: 768:irE6casM4v9d6yCeENvqAujkmSfuYi0FwaqPRY0o:irE6mM4vHAmRAARY0
                              PEiD  : -
                              RDS   : NSRL Reference Data Set
                                      -



                              • And new possible FP:

                                IObit Security 360

                                OS:Windows 7
                                Versão:1.3.0.10
                                Definir Versão:1292
                                Tempo decorrido:00:21:50
                                Objetos verificados:68114
                                Ameaças encontradas:1

                                |Name|Type|Description|ID|
                                Acez.SiteError, File, C:\Program Files (x86)\SecCopy\UNWISE.EXE, 10-194


                                -------------------------------------------

                                VirusTotal report:

                                Arquivo UNWISE.EXE recebido em 2009.12.09 09:15:37 (UTC)
                                Antivírus Versão Última Atualização Resultado
                                a-squared 4.5.0.43 2009.12.09 -
                                AhnLab-V3 5.0.0.2 2009.12.09 -
                                AntiVir 7.9.1.102 2009.12.08 -
                                Antiy-AVL 2.0.3.7 2009.12.09 -
                                Authentium 5.2.0.5 2009.12.02 -
                                Avast 4.8.1351.0 2009.12.08 -
                                AVG 8.5.0.426 2009.12.08 -
                                BitDefender 7.2 2009.12.09 -
                                CAT-QuickHeal 10.00 2009.12.09 -
                                ClamAV 0.94.1 2009.12.09 -
                                Comodo 3103 2009.12.01 -
                                DrWeb 5.0.0.12182 2009.12.09 -
                                eSafe 7.0.17.0 2009.12.08 -
                                eTrust-Vet 35.1.7166 2009.12.09 -
                                F-Prot 4.5.1.85 2009.12.08 -
                                F-Secure 9.0.15370.0 2009.12.07 -
                                Fortinet 4.0.14.0 2009.12.08 -
                                GData 19 2009.12.09 -
                                Ikarus T3.1.1.74.0 2009.12.09 -
                                Jiangmin 13.0.900 2009.12.02 -
                                K7AntiVirus 7.10.915 2009.12.08 -
                                Kaspersky 7.0.0.125 2009.12.09 -
                                McAfee 5826 2009.12.08 -
                                McAfee+Artemis 5826 2009.12.08 -
                                McAfee-GW-Edition 6.8.5 2009.12.09 -
                                Microsoft 1.5302 2009.12.09 -
                                NOD32 4671 2009.12.08 -
                                Norman 6.03.02 2009.12.08 -
                                nProtect 2009.1.8.0 2009.12.09 -
                                Panda 10.0.2.2 2009.12.08 -
                                PCTools 7.0.3.5 2009.12.09 -
                                Prevx 3.0 2009.12.09 -
                                Rising 22.25.02.04 2009.12.09 -
                                Sophos 4.48.0 2009.12.09 -
                                Sunbelt 3.2.1858.2 2009.12.09 -
                                Symantec 1.4.4.12 2009.12.09 -
                                TheHacker 6.5.0.2.088 2009.12.07 -
                                TrendMicro 9.100.0.1001 2009.12.09 -
                                VBA32 3.12.12.0 2009.12.08 -
                                ViRobot 2009.12.9.2077 2009.12.09 -
                                VirusBuster 5.0.21.0 2009.12.08 -
                                Informações adicionais
                                File size: 164864 bytes
                                MD5...: 2b85fe26ca828485bff6a454b881a295
                                SHA1..: fd448d4a9165bc848a1e6c579010a3ec21b4137e
                                SHA256: 7128574752f0a7da1284d589c195aafe25c29f825d7028cebdb21a7ecc44dc00
                                ssdeep: 15364emQiBW4NiAuSifjPRcU27+YoFnWtoXLJYHAUs4eViA4NiAsF27+YoFnWyJYHAU
                                PEiD..: -
                                RDS...: NSRL Reference Data Set
                                        -
                                pdfid.: -
                                trid..: Win64 Executable Generic (59.6%)
                                        Win32 Executable MS Visual C++ (generic) (26.2%)
                                        Win32 Executable Generic (5.9%)
                                        Win32 Dynamic Link Library (generic) (5.2%)
                                        Generic Win/DOS Executable (1.3%)
                                sigcheck:
                                publisher....: n/a
                                copyright....: n/a
                                product......: n/a
                                description..: n/a
                                original name: n/a
                                internal name: n/a
                                file version.: n/a
                                comments.....: n/a
                                signers......: -
                                signing date.: -
                                verified.....: Unsigned
